Authorization Management is the Key to Smooth But Secure Payments
If you happen to be a fraudster, it’s likely that you are loving all the ways the industry is making it easier for people to pay. The less friction in a payment, the quicker the money moves, and the more opportunity you have to intersect with fraud and move the money away before anyone notices.
On our side of the battle, payments professionals face a daily challenge; how to balance easy access to payments and smooth transactions, with robust fraud defenses?
It’s no secret that with the new, fast and open payments ecosystem, a new set of fraud threats is materialising. Financial institutions and intermediaries are faced with an unprecedented range of technologies and form factors, thanks to the digital transformation of commerce. The system is increasingly fragmented, and to top it off, now we have to combat fraud in real-time.
It’s unsurprising that Card Not Present fraud is on the rise; overall transaction volumes of CNP are increasing as we adopt multiple payments services including mobile payments, digital wallets, social payments and more. That’s not even including the potential explosion in micro-payments from connected devices as the Internet of Things becomes an everyday reality.
Fraud prevention is like an arms-race - it might seem like this diversification of payments technology just means more potential avenues for fraudsters’ attacks. But at the same time they have been developing phishing, malware and bots, the payments industry has been investing in machine learning and AI, encryption and tokenisation, Multi-Factor and Knowledge Based Authentication.
Resilience in Real-Time
Now the next big challenge is developing robust security for immediate payments. Real-time payments require real-time fraud prevention. This begins pre-payment, with payments providers investing in message encryption, digital certificates, and data capture. In its first incarnation, immediate payments will be initiated by consumers and corporates. Merchants will join the immediate payments revolution later than their ecosystem partners. In a real-time world, it’s not enough to focus fraud prevention on just the payments experience. Fraud prevention has to be considered end-to-end in the same way as customer experience. Strong authentication will be a major factor in achieving a secure transaction—within an excellent customer experience.
Finding the friction sweet spot
In the new payments ecosystem, strong authentication will no longer be needed for each transaction. If it is performed once, then payments to known receivers can flow freely. What will be key is authentication and authorisation management through monitoring relevant data. The implementation of global account numbers, predictive analytics, actionable alerting rules, and behavioural profiling will mean that authentication and authorisation can be streamlined to reduce unnecessary, repetitive checks. This will have positive impacts for merchants and their abandoned basket rates – a smoother purchasing process reduces customer drop-off.
The complication lies in balancing all the ways that customers want to pay...with security. Payments are open, with this openness being driven by consumer demand and regulators. PSD2 aims to drive open payments to encourage innovation in a traditionally staid industry. The mandate looks to support an open and secure payments ecosystem through its requirements for strong authentication. But PSD2’s goals for open banking will not succeed without frictionless authentication and a system of trust. The challenge for all financial institutions and intermediaries is to find just the right amount of friction for it to be smooth yetsecure. We want frictionless, but not so it feels like pickpocketing.
Find out more about how you can achieve frictionless fraud prevention with the latest eBook from our New Payments Ecosystem series: SECURE! How real-time and openness change the payment fraud ecosystem.
Related Blog Posts
How to be a Payments Trailblazer – The Seven Habits of Highly Innovative Organizations
The new Culture of Innovation Index from Ovum and ACI identified segments—from banks to intermediaries to merchants to corporates—at the cutting edge (of innovation) across the payments ecosystem. But what is most notable about those segments that have reached ‘trailblazing’ status is the apparent lack of commonality between them. No one segment, nor one region fosters better innovation. In fact, what’s driving these segments/organizations to be best of breed is their own culture of excellence. The only thing they have in common is their attitude.
Customer Innovation: Erste Bank [Q&A]
The global banking sector is becoming both more strategically focused and technologically advanced, responding to rising consumer expectations while trying to defend market share against an increasing array of competitors. A great deal of emphasis is being placed on digitizing core business processes, and reassessing organizational structures and internal talent to be better prepared for the future of banking.
Regulating for Real-Time: The Role of Government in Payments Modernization
Dr. Leo Lipis and Craig Ramsey, Head of Real-Time Payments for ACI Worldwide, continue their discussion on real-time payments and the findings of the new white paper, Get More from Real-Time.
Issuing and Acquiring in a Real-Time and Open Payments Ecosystem – The Global Picture
Dr Leo Lipis and Craig Ramsey, Head of Real-Time Payments for ACI Worldwide, continue their discussion on real-time payments, stemming from the findings of the new white paper, Get More from Real-Time. See part one.
Four Questions to Drive Your Retail Banking Payments Strategy in 2019
I keep hearing that it’s “an exciting time to be in payments,” and I certainly agree that there is a lot of noise. However, when I look below the surface, I’d argue that the interesting activity is not with the payment itself, but with all the related events and steps in the value chain.
What Can the Re-Regulation of Other Industries Tell Us About Open Banking One Year On?
UK Open Banking just reached its first birthday milestone (on January 13 to be precise) and given my own commentary – including in the ACI blog – on this topic, the first anniversary of Open Banking in the UK certainly won’t pass without a debrief on the progress that’s been made and what challenges lie ahead.
Instant Payments in Italy – And Beyond: Lessons from Il Salone dei Pagamenti
ACI was invited back to Il Salone dei Pagamenti – Italy’s premier payments event organized by the Italian Banking Association (ABI) – to participate in a panel, “SEPA Inst – the Future.” As expected, the session was packed with stats and advice for a more efficient roll out of instant payments – in Italy and beyond.
To Regulate Or Not To Regulate – Is That Thy Question?
Debates are healthy, and as someone who spent a little time during my college years dabbling around the edges of the speech and debate team, I can tell you it’s something that I personally relish. A chance to really talk through the pros and cons of an argument and lay out the bare facts… and then be judged based not only on those facts, but on the presentation and power of persuasion—sign me up!
Request for Pay – What Does It Mean For Financial Institutions?
What do banks – one with $60B+ in assets, one a mid-size regional bank, and one, a small innovative credit union – have in common with payment networks and the ‘Big 4’ consulting firms? They were all part of the first ACI #PaymentsForBreakfast event in North America! The theme was real-time payments, but the focus was more specifically on Request for Pay.
Why Open Banking Might Need to Rely on a Magic Illusion of 24x7 Availability
The adage “the more things change, the more they stay the same” appears to ring true when applied to the early phases of the evolution of open banking (or open payments). Especially when you contrast it with the early days of ATM withdrawals; particularly those made in the dead of night so you could pay cash for your after-party greasy feast.